+\f
+;;; Public function called by `url-get-authentication'.
+;;;###autoload
+(defun url-ntlm-auth (url &optional prompt overwrite realm args)
+ "Return an NTLM HTTP authorization header.
+Get the contents of the Authorization header for a HTTP response
+using NTLM authentication, to access URL. Because NTLM is a
+two-step process, this function expects to be called twice, first
+to generate the NTLM type 1 message (request), then to respond to
+the server's type 2 message (challenge) with a suitable response.
+
+PROMPT, OVERWRITE, and REALM are ignored.
+
+ARGS is expected to contain the WWW-Authentication header from
+the server's last response. These are used by
+`url-http-get-stage' to determine what stage we are at."
+ (url-http-ntlm--ensure-keepalive)
+ (let* ((user-url (url-http-ntlm--ensure-user url))
+ (stage (url-http-ntlm--get-stage args)))
+ (url-debug 'url-http-ntlm "Stage: %s" stage)
+ (cl-case stage
+ ;; NTLM Type 1 message: the request
+ (:request
+ (url-http-ntlm--detect-loop user-url)
+ (cl-destructuring-bind (&optional key hash)
+ (url-http-ntlm--authorization user-url nil realm)
+ (when (cl-third key)
+ (url-http-ntlm--string
+ (ntlm-build-auth-request (cl-second key) (cl-third key))))))
+ ;; NTLM Type 3 message: the response
+ (:response
+ (url-http-ntlm--detect-loop user-url)
+ (let ((challenge (url-http-ntlm--get-challenge)))
+ (cl-destructuring-bind (key hash)
+ (url-http-ntlm--authorization user-url nil realm)
+ (url-http-ntlm--string
+ (ntlm-build-auth-response challenge
+ (cl-second key)
+ hash)))))
+ (:error
+ (url-http-ntlm--authorization user-url :clear)))))
+
+\f
+;;; Register `url-ntlm-auth' HTTP authentication method.
+;;;###autoload